System Administration Guide: Security Services

ASET Environment Variables

The following is a list of the ASET environment variables and the values that the variables specify.


Specifies the ASET working directory


Specifies the security level


Specifies the periodic schedule


Specifies which ASET tasks to run


Specifies an aliases file


Determines whether to extend checks to NIS maps and NIS+ tables


Is the directory list for low security


Is the directory for medium security


Is the directory list for high security

The environment variables that are listed in the following sections are found in the /usr/aset/asetenv file. The ASETDIR and ASETSECLEVEL variables are optional. The variables can be set only through the shell by using the /usr/aset/aset command. The other environment variables can be set by editing the file.

ASETDIR Environment Variable

ASETDIR specifies an ASET working directory.

From the C shell, type:

% setenv ASETDIR pathname 

From the Bourne shell or the Korn shell, type:

$ ASETDIR=pathname
$ export ASETDIR

Set pathname to the full path name of the ASET working directory.

ASETSECLEVEL Environment Variable

The ASETSECLEVEL variable specifies a security level at which ASET tasks are executed.

From the C shell, type:

% setenv ASETSECLEVEL level

From the Bourne shell or the Korn shell, type:


In these commands, level can be set to one of the following:


Low security level


Medium security level


High security level

PERIODIC_SCHEDULE Environment Variable

The value of PERIODIC_SCHEDULE follows the same format as the crontab file. Specify the variable value as a string of five fields enclosed in double quotation marks, with each field separated by a space:

"minutes hours day-of-month month day-of-week"
minutes hours

Specifies start time in number of minutes (0-59) after the hour and the hour (0-23).


Specifies the day of the month when ASET should be run, with values from 1-31.


Specifies the month of the year when ASET should be run, with values from 1-12.


Specifies the day of the week when ASET should be run, with values from 0-6. Sunday is day 0.

The following rules apply when creating a periodic schedule for ASET:

The default entry for the PERIODIC_SCHEDULE variable causes ASET to execute at 12:00 midnight every day:


TASKS Environment Variable

The TASKS variable lists the tasks that ASET performs. The default is to list all seven tasks:

TASKS=”env sysconfig usrgrp tune cklist eeprom firewall”

UID_ALIASES Environment Variable

The UID_ALIASES variable specifies an aliases file. If present, ASET consults this file for a list of permitted multiple aliases. The format is UID_ALIASES=pathname, where pathname is the full path name of the aliases file.

The default is as follows:


YPCHECK Environment Variable

The YPCHECK variable extends the task of checking system tables to include NIS or NIS+ tables. The YPCHECK variable is a Boolean variable, which can be set to either true or false.

The default is false, which confines the checking to local system tables:


CKLISTPATH_level Environment Variables

The three checklist path variables list the directories to be checked by the system files checks task. The following definitions of the variables are set by default. The definitions illustrate the relationship between the variables at different levels:


The values for the checklist path environment variables are similar to the values of the shell path variables. Like the shell path variables, the checklist path environment variables are lists of directory names. The directory names are separated by colons. You use an equal sign (=) to connect the variable name to its value.